Skip to content

Sonarqube

Sonarqube #21

Workflow file for this run

name: Sonarqube
on:
workflow_run:
workflows: ["Build and test"]
types:
- completed
jobs:
sonar:
name: Sonar
if: github.event.workflow_run.conclusion == 'success'
runs-on: ubuntu-latest
steps:
- name: Checkout develop or PR branch
uses: actions/checkout@v4
with:
repository: ${{ github.event.workflow_run.head_repository.full_name }}
ref: ${{ github.event.workflow_run.head_branch }}
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of Sonar analysis
- name: Setup JDK 17
uses: actions/setup-java@v4
with:
java-version: 17
distribution: 'temurin'
- name: Setup Gradle
uses: gradle/actions/setup-gradle@v3
- name: Cache SonarCloud packages
uses: actions/cache@v4
with:
path: ~/.sonar/cache
key: ${{ runner.os }}-sonar-${{ hashFiles('build.gradle') }}
- name: Download sonar artifact
uses: actions/download-artifact@v4
with:
name: sonar-artifact
run-id: ${{ github.event.workflow_run.id }}
github-token: ${{ secrets.GITHUB_TOKEN }}
merge-multiple: true
- name: Extract sonar artifact
run: |
tar -xf sonar.tar
echo "PR_NUMBER=$(sed '1q;d' PR_EVENT.txt)" >> "$GITHUB_ENV"
echo "PR_HEAD_REF=$(sed '2q;d' PR_EVENT.txt)" >> "$GITHUB_ENV"
echo "PR_BASE_REF=$(sed '3q;d' PR_EVENT.txt)" >> "$GITHUB_ENV"
- name: Analyze with sonarqube (push develop)
if: github.event.workflow_run.event == 'push'
run: ./gradlew --info sonar
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
- name: Analyze with sonarqube (PR)
if: github.event.workflow_run.event == 'pull_request'
run: |
./gradlew --info sonar \
-Dsonar.scm.provider=git \
-Dsonar.pullrequest.key=${{ env.PR_NUMBER }} \
-Dsonar.pullrequest.branch=${{ env.PR_HEAD_REF }} \
-Dsonar.pullrequest.base=${{ env.PR_BASE_REF }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}